Posts by |-|x

I originally posted this over on the WordPress forums, and got no responses. Eventually I figured out what the problem was and fixed it, but thought I'd repost here in case anyone else is experiencing similar issues (I couldn't find any related articles in my initial search on the symptoms.)

My experience was during development of a WordPress plugin, but I can see the potential for this to affect any web development on pages containing relative links. I hope someone finds this helpful.

/H

I have an interesting issue here. For some reason, in FireFox only, the page content being passed to my WordPress plugin is not correct for the page being viewed. It seems to be passing the content for the next page in the list, or something similar. The correct page content is actually presented in the browser, but not passed into the plugin, which is causing processing logic to fail in this browser.

This occurs on all pages in the site, regardless if I have placed any custom code or reference to the plugin into the page. I have been testing for days trying to figure out what/where the problem is occurring. All other browsers appear to work fine, but FireFox (and I have tested basically every version currently available to download). I don't believe it is a caching issue, as we've tried clearing, refreshing, changing/not using proxies, different computers, etc.

I have also noticed that the PHP $_POST and $_REQUEST variables don't …

Please note that IE6 does not provide native support for PNG transparency. You must use a special filter provided by MicroSoft.

<DIV STYLE="filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='image.png', sizingMethod='scale');" >

(example modified from linked MS knowledgebase article.)

take a look at onkeypress

I can't see where your variable a is getting defined or set, but presumably it is a java variable available in the current scope and all you need to do is build it into the sql string.

rs=statement.executeQuery("select * from customer where serialnumber like '%"+a.ToString()+"%' ");

SELECT count(DISTINCT bodyNo) FROM paintshop WHERE `date`='2011-11-29'

You don't really need the second mytable, as MDanz is essentially achieving the same thing in his original query.

I agree that this only works because MySQL doesn't restrict the select to true GROUP clauses/fields.

I am also surprised to see (in my own testing just now) that the subquery version runs consistently 0.0001 sec faster than the group by version. (we are talking a difference of 0.0004 to 0.0005 seconds here, it is only a tiny dataset after all). I'd be interested to see if your results are similar as I would have thought the subqueries to be less efficient in execution.

Sorry, allow me to explain...

The first subquery will return the id of the first record with the lowest sid The second subquery will return the id of the first record with the second lowest sid so the actual resultant dataset will look like this:

+----+-----------+----------+
| id |       sid |      num |
+----+-----------+----------+
|  1 |        15 |      one |   
|  3 |        17 |    three |

which, from my understanding, was the desired outcome.

However as I mentioned the use of nested subqueries is significantly less efficient that using the original group by filter, and may not be appropriate or practical depending on the circumstance. If anyone can see a better way, please post. :)

I don't think you need php, but you will probably have to use some javascript or something if you want to force the link to be downloaded or saved.

You could use the target link attribute if you just need to stop it from opening in the same window as your current page.

you just need to grab the other values from the POST and include them in your sql query

eg:

//format:  $variable = $_POST['<input textbox id>'];

$pubdate = $_POST['updatepubdate'];
$title = $_POST['updatetitle'];
$publisher = $_POST['updatepublisher'];
//...etc, as many as you need...
 
$sql="UPDATE Books SET PublishDate='$pubdate', Title='$title', Publisher='$publisher' WHERE BookID = ".$bookid;
// check your field names are correct, and don't forget the quotes for string values

If you move your update code php block to the top of the page, right before the SELECT, it will automatically display the updated data when the page loads after the POST.

there are a few ways you could do it. One might be to use the query result, like:

if ($conn->query($sql))
   echo "Update Successful.";
else die("Cannot update");

around the variable in the middle, so that MYSQL will treat it as a string value: "UPDATE Books SET PublishDate='$update' where BookID = '".$bookid."'"; is BookID an integer? if so, you will not need the single quotes around it and your code should look like: "UPDATE Books SET PublishDate='$update' where BookID = ".$bookid;

don't forget you need quotes around your variable in the query, as I said previously

you're setting $query at line 74 but trying to execute $sql on line 78

OK... it looks like you are using MySQLi to handle the connection, should you therefore be using mysqli_query to perform the update operation?

Something like this would work, you may also be able to make use of the SELECT DISTINCT predicate if it helps - however, I think using the GROUP BY clause is cleaner and likely more efficient.

food for thought anyway...

select * from mytable where id=(
    select id from mytable where sid=(
        select Min(sid) from mytable
    ) limit 0,1
) or id=(
    select id from mytable where sid=(
        select Min(sid) from mytable where not sid=(
            Select Min(sid) from mytable
        )
    )limit 0,1
);

What specific error messages are you getting?

at a quick glance I can advise the following:

You will probably need to surround your SET variables with quotes, ie: "... SET PublishDate='$update' ..." Also, assuming that PublishDate is a datetime field of some sort in your database, you will need to ensure the data being input is in a format that MySQL can convert to a date, such as "yyyy-mm-dd"

I don't think $id= $_POST["id"]; will work since you are passing the value in the url.

take a look at $_Request and HttpQueryString

Hi ZeroEddy

Just had a quick glance at your css code and can give you the following advice (anyone feel free to correct me if you have a better idea).

1 - Using font-size as a percentage does not make it relative to page/screen size, but to the base inherited font size. I guess you could resize the font with some javascript, but I don't think there is a way in css to specify dynamic font size.

2 - I believe you need to add a float (left or right shouldn't matter) to the navbar div. This will cause the float on main div to follow the navbar rather than the navbar's children. [ie: it should stop the divs from jumping]

You will likely need to play with this and tweak it, especially if you check it in firefox/chrome and IE as they often do things differently.

Hope this helps.
~H

echo doesn't print the variable values when using a single quoted string.
ie:

$id = 1;
echo "<td>$id</td>"; // output: "<td>1</td>"
echo '<td>$id</td>'; // output: "<td>$id</td>"

there are a number of ways you could get around this issue, one would be to change those two link lines to be like this

echo '<td><a href="update_tanent.php?id=',$id,'">Edit</a></td>';

(for more information, check the php man pages ;)

Another related, useful tool by security expert Steve Gibson...
https://www.grc.com/haystack.htm

You may be able to configure a browser proxy on your VPN connection, which should redirect browser activity via the vpn - but as Lola said, it will depend on the specific configuration of your company network.

You should also check the usage policy (if the company has one) as you may be required to use specific methods for accessing services.

I'd say as long as you can see that your firewall is blocking his attempts to connect, you're not going to have a problem. Just because he is a member of a hacking forum, doesn't necessarily mean he knows what he's doing. A lot of software can be downloaded from places like that to automate basic things like port scanning.

A lot of the free anti-virus, anti-malware, and firewall software are just as good as the commercial ones. Check the reviews on download sites and you should be fine. This is one area where price does not necessarily equate to quality.

If you can, change your IP address. You should be able to move your internal LAN to a new address range in your router configuration.

You could also contact your ISP and make them aware of the situation. They may be able to move your connection to a different subnet, and possibly perform some monitoring / filtering of their connection.

If you believe you have sufficient evidence that he is trying to access your system illegally you could report it to the police, but you would probably need back logs that identify his IP address as the source, and I don't know how far you would really get.

Technically, the answer is yes, it is possible. That said, if he is bragging about it, he's not likely to be a serious threat. (The guys that tend to cause serious trouble will do so silently and, if possible, without your knowledge.)

There are some steps you can take to ensure your computer is secure. Things like;

- having a strong password - and change it immediately if you believe your computer has been compromised (accessed by someone without permission).

- Make sure your router / firewall is blocking incoming connections, unless absolutely necessary.

- keep your antivirus / anti-malware / etc software up to date - this will help identify if anyone is putting bad files or programs on your computer.

If you are still concerned about him accessing your computer without your knowledge, there are a number of programs available for free download that can monitor network traffic and detect potential threats on your network or PC.